Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Government News

No More Paperwork: Estonia Edges Toward Digital Government (apnews.com) 93

In the Estonian capital of Tallinn, three-day-old Oskar Lunde sleeps soundly in his hospital cot, snuggled into a lime green blanket decorated with red butterflies. Across the room, his father turns on a laptop. "Now we will register our child," Andrejs Lunde says with gravity as he inserts his ID card into the card reader. His wife, Olga, looks on proudly. And just like that, Oskar is Estonia's newest citizen. No paper. No fuss. From a report: This Baltic nation of 1.3 million people is engaged in an ambitious project to make government administration completely digital to reduce bureaucracy, increase transparency and boost economic growth. As more countries shift their services online, Estonia's experiment offers a glimpse of how interacting with the state might be for future generations. Need a prescription? It's online. Need someone at City Hall? No lines there -- or even at the Department of Motor Vehicles! On the school front, parents can see whether their children's homework was done on time.

Estonia has created one platform that supports electronic authentication and digital signatures to enable paperless communications across both the private and public sectors. There are still a few things that you can't do electronically in Estonia: marry, divorce or transfer property -- and that's only because the government has decided it was important to turn up in person for some big life events. This spring, government aims to go even further. If Oskar had been born a few months later, he would have been registered automatically, with his parents receiving an email welcoming him into the nation.

This discussion has been archived. No new comments can be posted.

No More Paperwork: Estonia Edges Toward Digital Government

Comments Filter:
  • by Anonymous Coward

    This is place Russians keep do the hacking, da?

  • How convenient (Score:5, Insightful)

    by quonset ( 4839537 ) on Thursday December 27, 2018 @07:15AM (#57865404)

    When I need information it's now one-stop shopping in Estonia. All the people's information in one convenient place. No muss, no fuss, Hack once and live a lifetime.

    BTW, what happens when, not if, Russia decides that uppity former republic needs to be taught a lesson? We've seen what they're trying to do in the Ukraine. Imagine a country with a population less than the city of Philadelphia being taken down when nothing works because somehow, mysteriously, large amounts of data are lost or corrupted.

    What's that saying about putting all your eggs in one basket?

    • Re:How convenient (Score:5, Informative)

      by Moba Hup ( 5701906 ) on Thursday December 27, 2018 @07:39AM (#57865474)
      The data *isn't* kept in one convenient place. On the contrary. Each government agency only keeps data relevant to them. If they need information about, for instance, someone's company's mailing address, then they can request it -- straight from the agency that deals with this information -- over X-Road [e-estonia.com], a sort of secure intranet/SOA hub. Each agency publishes a set of SOAP services (with various access restrictions) to make use of the information they maintain, and other agencies can securely and directly access these services. Access from/by each agency is protected by standardised security servers that take care of encrypting, validating and logging the data. If a hacker gets access to, say, the local DMV, then they would only have access to DMV's information and could make some individual requests that other agencies allow DMV to make -- no more.
    • Comment removed based on user account deletion
      • by Anonymous Coward

        Your lack of understanding of basic cryptography and PKCS#11 aside, the fact that there is absolutely zero evidence of any successful mass theft of Belgian eID data serve as evidence that you are mistaken in your assumptions. Or do you want us to believe that cybercriminals entirely have missed out on this supposedely easy to steal hoard of valuabe data?

      • by GNious ( 953874 )

        Why bother with Estonia? Just go to Belgium.

        As someone from a 3rd country, living in Belgium and very familiar with Estonia: No

        Stay the fuck away from Belgium, it's a hostile little shithole of a country, you're better off pretty much everywhere else, and especially better off in Estonia

    • Re:How convenient (Score:4, Interesting)

      by Kjella ( 173770 ) on Thursday December 27, 2018 @08:51AM (#57865674) Homepage

      When I need information it's now one-stop shopping in Estonia. All the people's information in one convenient place. No muss, no fuss, Hack once and live a lifetime.

      Actually the reason identity theft is such a big deal in the US is because having the information is generally sufficient. If I doxed myself here in Norway you could certainly do a lot of annoying things, but you'd find that for anything of real importance you'd either have to use an electronic signature or show up in person. Just having my person number (DOB + sex marker + unique counter), name, address etc. doesn't really get you very far. And while all my data is connected through the same unique identifier they're still kept by many different branches of government, you might say one common login gives access to everything but what happens in other nations? Surely there must be some level of standardization that DOB + SSN + whatever = ID. Unless you're going for the "the only way to win is not to play" solution by physically standing in line at a government office for everything.

      Imagine a country with a population less than the city of Philadelphia being taken down when nothing works because somehow, mysteriously, large amounts of data are lost or corrupted.

      Nobody's back end system is paper based anymore. Sure you might say that by exposing it over the Internet you're adding additional threats but the real high level hacks are often still an inside job or targeting the employees. We've had online banking here now for a couple decades, I've still not heard of anyone hacking their way to the core bank systems through the client, it's such an obvious way into the system that the protocol is completely locked down. It could make denial-of-service easier, but you still have to consider a power failure or an idiot with a backhoe and work on contingencies anyway. And don't forget how much else depends on the Internet these days, if it stops tons of B2C and B2B solutions won't work. It's not just the government's problem.

      • " I've still not heard of anyone hacking their way to the core bank systems through the client"

        This happens all the time. You just don't hear about it.
        • Could you reference anything? Like, i get the white hat angle where you hack the core and add a pop up.
          But the way i understood it, as its presented in the media is that your goal as a hacker is to acquire unique information(i.e bank account number+ persona) and then you need a hack to get past the 2 factor authentication. And as the experts know, they are not that secure even if its unique password + offline key generator device
          Once that is done, the goal is then to empty bank account as far as possible. W

        • by Kjella ( 173770 )

          This happens all the time. You just don't hear about it.

          No it doesn't. That they compromise individual accounts, sure. That they compromise the bank itself [securitynewspaper.com] via phishing or hacking yes. But those attacks pretty much never go through the front door, like you go to their public web server and run an exploit.

    • by wisse ( 398347 )

      They have this neat idea of a digital embassy. They have got a copy of digital Estonia running in Luxembourg. When the russians do come the estonians who manage to get out of the country open their laptops somewhere else, and there are still part of digital Estonia.

  • by Anonymous Coward

    You put everything on the Internet, you open it to an attacking nation:
    https://www.bbc.com/news/39655415

    "Online services of Estonian banks, media outlets and government bodies were taken down by unprecedented levels of internet traffic."

    "Massive waves of spam were sent by botnets and huge amounts of automated online requests swamped servers."

    "The result for Estonians citizens was that cash machines and online banking services were sporadically out of action; government employees were unable to communicate w

  • "The Mother looked on proudly as the Father inserted the chip under his newborns skin. After enabling the connection to the laptop, the programming of the child started. Within 10 minutes, the child was fully programmed and was now a full Estonian citizen. On his 17th birthday he would be eligible for ration level B and military service."

    Truly a glorious accomplishment.
    • "The Mother looked on proudly as the Father inserted the chip under his newborns skin. After enabling the connection to the laptop, the programming of the child started. Within 10 minutes, the child was fully programmed and was now a full Estonian citizen. On his 17th birthday he would be eligible for ration level B and military service."

      Truly a glorious accomplishment.

      Meh.

      What they are actually doing - as opposed to your dystopian fantasy - is an electronic version of birth certificates and ID cards that is nothing really new, just a new implementation.

      It carries its own risks (and benefits), sure, but is nothing like what you are describing.

      Do you object to birth certificates and ID cards in general? (Perhaps you do, some do.)

  • ... compared to Estonia. What they're doing in terms of digital government is groundbreaking and has been going on for a few years now. All digital zero-fuss bureaucracy. Very nice and an example I'd wish some German authorities would follow more eagerly.

  • It sounds really simple: all information in one place, you own your own information (including your health information). And techniscally it *is* simple. But the governance can be made so complicated that no other country has pulled this off yet. Getting all your national institutes to work together on one digital government is no small feat.

  • Estonia government servers have been hacked and ALL citizen's private information is available online.
    • by mardu ( 1434445 )
      No centralized data storage (each government body manages their own databases), so pretty much impossible to read about ALL private information being publicly available. Some, possible, but not ALL. Also, not much to do with this information as in Estonia you cannot steal someone's identity just by knowing some data about them. Identity codes (the closest thing to an SSN here) are public information and basically nobody validates identities without a valid ID card or passport (or another equivalent documen
  • by organgtool ( 966989 ) on Thursday December 27, 2018 @11:10AM (#57866304)
    There are a lot of comments here talking about hacking government servers and getting everyone's data. This is based on a misunderstanding of the Estonian digital record system. I've read several articles about it and if I understand it correctly, the system is more of an authentication system and records interface. Your data isn't stored on a single set of government servers - instead, public and private entities store their information about you on their own servers and are required to use the government's digital authentication system for access. The records are required to have access control layers so that citizens can control which people have access to their records. I believe there is also a required interface for presenting history data so that a citizen can see all attempted access to their records. It's a very interesting and pragmatic approach and it'll be something that people should watch closely and learn from.
    • His father turns on a laptop. "Now we will register our child,".

      Pretty standard.. But why do the parents need to register..
      In Denmark the mother is registered during prenatal care, and she also informs the social security number of the expected father.
      One of my colleagues girlfriend gave birth to there baby a Sunday night, and they were unmarried.
      The midwife registers the childbirth.
      One hour later the father got a message from the 'stats amt' where the had to sign for the paternity.

  • Might as well have them implant a bio-chip in your skin. THAT would be the logical next step. No muss, no fuss, NO PRIVACY.

Whoever dies with the most toys wins.

Working...